airship
/
promenade
Code Issues Proposed changes
A declarative framework for resilient Kubernetes deployment.
906 Commits 3 Branches 0 Tags 11 MiB
Python 47.6%
Shell 26.5%
Smarty 24.3%
Makefile 1.6%
Go to file
Phil Sphicas fb36579e16 kube-apiserver: use HTTP probes instead of exec 
The existing exec probes for apiserver rely on things that do not exist
in the official kubernetes release images (bash, socat).

This change modifies the apiserver to use HTTP probes of the recommended
liveness and readiness endpoints.[0]

Also sets `--anonymous-auth=true` (the default setting), as kubelet is
unable to provide a client certificate when performing the health check.
RBAC rules apply, but unauthenticated users will be able to access the
following endpoints:

    apiVersion: rbac.authorization.k8s.io/v1
    kind: ClusterRole
    metadata:
      name: system:public-info-viewer
    rules:
    - nonResourceURLs:
      - /healthz
      - /livez
      - /readyz
      - /version
      - /version/
      verbs:
      - get

0: https://v1-18.docs.kubernetes.io/docs/reference/using-api/health-checks/

Change-Id: I06d739c844fe85ec6cbf47d3bb69a39cd008ddd8
 		2020-09-28 03:27:58 +00:00
.github Update Airship vulnerability link 2020-05-18 21:27:18 +00:00
charts kube-apiserver: use HTTP probes instead of exec 2020-09-28 03:27:58 +00:00
doc Upgrade etcd to 3.4.3 2020-08-25 17:22:15 +00:00
etc/promenade Minor testing-related cleanup 2018-01-02 10:14:10 -06:00
examples Upgrade etcd to 3.4.3 2020-08-25 17:22:15 +00:00
images/promenade Upgrade LibYAML version in container builds 2020-09-24 04:27:29 +00:00
promenade Accelerate YAML operations with LibYAML 2020-09-24 04:27:29 +00:00
tests Accelerate YAML operations with LibYAML 2020-09-24 04:27:29 +00:00
tools fix - pep8 and image build gates 2020-09-22 08:42:40 -05:00
.dockerignore Remove tests from images 2018-08-02 15:37:18 -05:00
.gitignore Upgrade mismatch dependencies for pegleg 2019-09-20 15:23:21 +00:00
.gitreview OpenDev Migration Patch 2019-04-19 19:52:18 +00:00
.readthedocs.yaml Fix: Promenade Exceptions docs rendering on RTD 2019-08-27 22:57:15 +02:00
.zuul.yaml fix - pep8 and image build gates 2020-09-22 08:42:40 -05:00
LICENSE Initial commit 2017-02-14 11:13:39 -08:00
Makefile Upgrade k8s from v1.17.3 to v1.18.6 2020-08-19 15:56:45 +00:00
README.md Update the README.md File 2018-07-30 15:52:23 -05:00
entrypoint.sh [uwsgi] remove extraneous argument 2020-04-23 22:28:39 +00:00
requirements-direct.txt Accelerate YAML operations with LibYAML 2020-09-24 04:27:29 +00:00
requirements-frozen.txt Accelerate YAML operations with LibYAML 2020-09-24 04:27:29 +00:00
requirements.txt Pull requirements-direct into requirements 2019-08-26 13:52:04 +00:00
setup.cfg Fix outdated external references 2019-09-06 13:11:17 -05:00
setup.py Enable using PBR for package library 2018-10-25 17:04:29 -05:00
test-requirements.txt Moving documentation only requirements into doc/requirements.txt 2019-02-11 12:11:02 +00:00
tox.ini Adjust plugin cri parameters 2020-03-26 05:02:37 +00:00

README.md

Promenade

Promenade is a tool for bootstrapping a resilient Kubernetes cluster and managing its life-cycle via Helm charts.

Documentation can be found here.

Roadmap

The detailed Roadmap can be viewed on the OpenStack StoryBoard.

  • Cluster bootstrapping
    • Initial Genesis process results in a single node Kubernetes cluster with Under-cloud components deployed using Armada.
    • Joining sufficient master nodes results in a resilient Kubernetes cluster.
    • Destroy Genesis node after bootstrapping and re-provision as a normal node to ensure consistency.
  • Life-cycle management
    • Decommissioning of nodes.
    • Updating Kubernetes version.

Getting Started

To get started, see getting started.

Configuration is documented here.

Bugs

Bugs are tracked in OpenStack StoryBoard.